class GRPC::Core::Creds

Public Class Methods

creds = ServerCredentials.new(nil, click to toggle source
[{private_key: <pem_private_key1>,
{cert_chain: <pem_cert_chain1>}],
force_client_auth)
creds = ServerCredentials.new(pem_root_certs,
[{private_key: <pem_private_key1>,
{cert_chain: <pem_cert_chain1>}],
force_client_auth)

pem_root_certs: (optional) PEM encoding of the server root certificate pem_private_key: (required) PEM encoding of the server's private keys force_client_auth: indicatees

Initializes ServerCredential instances.

static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs,
                                             VALUE pem_key_certs,
                                             VALUE force_client_auth) {
  grpc_rb_server_credentials *wrapper = NULL;
  grpc_server_credentials *creds = NULL;
  grpc_ssl_pem_key_cert_pair *key_cert_pairs = NULL;
  VALUE cert = Qnil;
  VALUE key = Qnil;
  VALUE key_cert = Qnil;
  int auth_client = 0;
  long num_key_certs = 0;
  int i;

  if (NIL_P(force_client_auth) ||
      !(force_client_auth == Qfalse || force_client_auth == Qtrue)) {
    rb_raise(rb_eTypeError,
             "bad force_client_auth: got:<%s> want: <True|False|nil>",
             rb_obj_classname(force_client_auth));
    return Qnil;
  }
  if (NIL_P(pem_key_certs) || TYPE(pem_key_certs) != T_ARRAY) {
    rb_raise(rb_eTypeError, "bad pem_key_certs: got:<%s> want: <Array>",
             rb_obj_classname(pem_key_certs));
    return Qnil;
  }
  num_key_certs = RARRAY_LEN(pem_key_certs);
  if (num_key_certs == 0) {
    rb_raise(rb_eTypeError, "bad pem_key_certs: it had no elements");
    return Qnil;
  }
  for (i = 0; i < num_key_certs; i++) {
    key_cert = rb_ary_entry(pem_key_certs, i);
    if (key_cert == Qnil) {
      rb_raise(rb_eTypeError,
               "could not create a server credential: nil key_cert");
      return Qnil;
    } else if (TYPE(key_cert) != T_HASH) {
      rb_raise(rb_eTypeError,
               "could not create a server credential: want <Hash>, got <%s>",
               rb_obj_classname(key_cert));
      return Qnil;
    } else if (rb_hash_aref(key_cert, sym_private_key) == Qnil) {
      rb_raise(rb_eTypeError,
               "could not create a server credential: want nil private key");
      return Qnil;
    } else if (rb_hash_aref(key_cert, sym_cert_chain) == Qnil) {
      rb_raise(rb_eTypeError,
               "could not create a server credential: want nil cert chain");
      return Qnil;
    }
  }

  auth_client = TYPE(force_client_auth) == T_TRUE;
  key_cert_pairs = ALLOC_N(grpc_ssl_pem_key_cert_pair, num_key_certs);
  for (i = 0; i < num_key_certs; i++) {
    key_cert = rb_ary_entry(pem_key_certs, i);
    key = rb_hash_aref(key_cert, sym_private_key);
    cert = rb_hash_aref(key_cert, sym_cert_chain);
    key_cert_pairs[i].private_key = RSTRING_PTR(key);
    key_cert_pairs[i].cert_chain = RSTRING_PTR(cert);
  }

  TypedData_Get_Struct(self, grpc_rb_server_credentials,
                       &grpc_rb_server_credentials_data_type, wrapper);

  if (pem_root_certs == Qnil) {
    creds = grpc_ssl_server_credentials_create(NULL, key_cert_pairs,
                                               num_key_certs,
                                               auth_client, NULL);
  } else {
    creds = grpc_ssl_server_credentials_create(RSTRING_PTR(pem_root_certs),
                                               key_cert_pairs, num_key_certs,
                                               auth_client, NULL);
  }
  xfree(key_cert_pairs);
  if (creds == NULL) {
    rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why");
    return Qnil;
  }
  wrapper->wrapped = creds;

  /* Add the input objects as hidden fields to preserve them. */
  rb_ivar_set(self, id_pem_key_certs, pem_key_certs);
  rb_ivar_set(self, id_pem_root_certs, pem_root_certs);

  return self;
}

Public Instance Methods

initialize_copy(p1) click to toggle source

Clones ServerCredentials instances.

Gives ServerCredentials a consistent implementation of Ruby's object copy/dup protocol.

static VALUE grpc_rb_server_credentials_init_copy(VALUE copy, VALUE orig) {
  grpc_rb_server_credentials *orig_ch = NULL;
  grpc_rb_server_credentials *copy_ch = NULL;

  if (copy == orig) {
    return copy;
  }

  /* Raise an error if orig is not a server_credentials object or a subclass. */
  if (TYPE(orig) != T_DATA ||
      RDATA(orig)->dfree != (RUBY_DATA_FUNC)grpc_rb_server_credentials_free) {
    rb_raise(rb_eTypeError, "not a %s",
             rb_obj_classname(grpc_rb_cServerCredentials));
  }

  TypedData_Get_Struct(orig, grpc_rb_server_credentials,
                       &grpc_rb_server_credentials_data_type, orig_ch);
  TypedData_Get_Struct(copy, grpc_rb_server_credentials,
                       &grpc_rb_server_credentials_data_type, copy_ch);

  /* use ruby's MEMCPY to make a byte-for-byte copy of the server_credentials
     wrapper object. */
  MEMCPY(copy_ch, orig_ch, grpc_rb_server_credentials, 1);
  return copy;
}